Analysis
-
max time kernel
139s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
-
submitted
24/04/2024, 13:27
General
-
Target
2024-04-24_71afd407cc666c6686ed9afa273029ce_hacktools_icedid.exe
-
Size
10.1MB
-
MD5
71afd407cc666c6686ed9afa273029ce
-
SHA1
5d4e9b37a29f7cf45709c32181d8497c986c4a88
-
SHA256
1b154093f21b94ae5870d9431ad32ed9313b4cb39573b14e3d656bb4c5b6ca7c
-
SHA512
dc09c64e97414eb99b186c8379c6b278671eafde7cf73b28769e4d5b789826560190d13999a0d5a1ee7eb1e9273c46e7764b2a6566198169d12e076c683061f6
-
SSDEEP
196608:A4FCslfeJfc4d5FD2LczzwzszWYyaJemW26yc1/z1dHQeYYd0d:Aax6TdH2L2sA81b1dHQeYYd0d
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of FindShellTrayWindow 3 IoCs
-
Suspicious use of SendNotifyMessage 3 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-04-24_71afd407cc666c6686ed9afa273029ce_hacktools_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-04-24_71afd407cc666c6686ed9afa273029ce_hacktools_icedid.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2980 -s 10522⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2980 -ip 29801⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.2MB
MD5189fb7af1b7b2834c6522f20d8f6fade
SHA18c66ffac2080c8956dfcd1d6cda8ef2d37bd9622
SHA256acb00fa4ef2a259436600f5ab23b04896f2485b6a65b6f607d6401050477767f
SHA512c1a2d8c95df87def5f22b8e071e04093bcd52148504ef4cb2ca33d18f6f7f5be19446b32cc1d19704d73b612dd41aeefa9768f4e0e7e8d14c7ba845bb737a141